I've built a basic authentication system using all of the login controls and
a custom screen to manage roles using the Membership, MembershipUser, and
Roles classes. So now I can manage users and roles from the website. But,
what classes are available to manage access rules (permissions)? do we have
to write code to manipulate the individual web.configs?

--
Regards,
Gary Blakely

Hi Gary,

From your description, you're building a custom web management application
which can help user configure the membership user & role info of the
application. Currently, you're wondering how to add the "access
rule"(authorization) management into the system, correct?

As for the "access rules", it is actually persisted as <authorization>
setting in application's web.config file, so if you want to provide service
to programmatically manage this setting, you need to also programmatically
change the web.config file. In .net framework 2.0, you can utilize the
configuration API to do this. And the "<authorization> section is
associated with the System.Web.Configuratrion.AuthorizationSection class.

#AuthorizationSection Class
http://msdn2.microsoft.com/en-us/library/system.web.configuration.authorizat
ionsection.aspx

You can use code to open the configuration object of the specified path in
your application and then locate the "AuthorizationSection" and manage
rules in it.

Hope this helps.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.